From mboxrd@z Thu Jan 1 00:00:00 1970 Path: main.gmane.org!not-for-mail From: Simon Josefsson Newsgroups: gmane.emacs.help Subject: Re: Emacs 21.2, smtpmail and vm Date: Thu, 30 Jan 2003 01:06:42 +0100 Sender: help-gnu-emacs-bounces+gnu-help-gnu-emacs=m.gmane.org@gnu.org Message-ID: References: <5lbs21856e.fsf@rum.cs.yale.edu><5l3cnb94ab.fsf@rum.cs.yale.edu> NNTP-Posting-Host: main.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: main.gmane.org 1043885369 26684 80.91.224.249 (30 Jan 2003 00:09:29 GMT) X-Complaints-To: usenet@main.gmane.org NNTP-Posting-Date: Thu, 30 Jan 2003 00:09:29 +0000 (UTC) Return-path: Original-Received: from monty-python.gnu.org ([199.232.76.173]) by main.gmane.org with esmtp (Exim 3.35 #1 (Debian)) id 18e2Gl-0006vu-00 for ; Thu, 30 Jan 2003 01:09:27 +0100 Original-Received: from localhost ([127.0.0.1] helo=monty-python.gnu.org) by monty-python.gnu.org with esmtp (Exim 4.10.13) id 18e2Hu-0004wB-03 for gnu-help-gnu-emacs@m.gmane.org; Wed, 29 Jan 2003 19:10:38 -0500 Original-Path: shelby.stanford.edu!newsfeed.stanford.edu!news-spur1.maxwell.syr.edu!news.maxwell.syr.edu!newsfeed.icl.net!newsfeed.fjserv.net!newsfeed.freenet.de!feed.news.nacamar.de!uio.no!news.kth.se!not-for-mail Original-Newsgroups: gnu.emacs.help Original-Lines: 39 Original-NNTP-Posting-Host: fnatte.nada.kth.se User-Agent: Gnus/5.090015 (Oort Gnus v0.15) Emacs/21.3.50 (i686-pc-linux-gnu) X-Face: 1Yn@M+tp9bHO[8c_KMq4EAehxF; z,'j|yrivOiG+mxk$hnZac61A{@h6 List-Help: List-Post: List-Subscribe: , List-Archive: List-Unsubscribe: , Errors-To: help-gnu-emacs-bounces+gnu-help-gnu-emacs=m.gmane.org@gnu.org Xref: main.gmane.org gmane.emacs.help:6073 X-Report-Spam: http://spam.gmane.org/gmane.emacs.help:6073 "Stefan Monnier " writes: >>> Could anybody give me the skinny about "why would an ISP require SMTP AUTH"? >> Isn't the answer the same as why authentication is required it all, in >> any protocol? > > I'd only buy that if its use were systematic, which it obviously isn't. It takes time for people to realize that authentication is required. Few of the old Internet protocols included authentication from the start. >> If you are thinking that ISPs should use IP based ACLs to allow >> relaying for their customers, it's not going to work with todays >> computer habits (people travel with their laptop and expect the mail >> server to continue to work). > > By "laptop" you mean "those things with small screens and shallow > keyboards"? Yes. > I must admit I don't know enough of how those things work when you > try to use the Internet away from home (or office). But it seems > you'll need to get your IP from some ISP which is responsible for > routing to/from your IP and which has a mail server which you should > be able to use (like you probably use their DNS server). And given > such a context, it seems that IP-based authentication would be > pretty safe for SMTP. Ordinary users doesn't know about IP addresses and forgets about the SMTP server after configuring it once. One might think that DHCP could set the SMTP server address as it does the DNS server address, but there are practical problems: You cannot easily abuse a DNS server as a client, but you can very easily abuse a SMTP server as a client (spam). Just because people with their laptops get their IP from an ISP doesn't mean that the ISP know whom that person is, or know how to sue her when she sends spam through their network. If people route their stuff via their home, it is not the ISPs problem any more.